Chicago jeweler suing Oak Brook IT firm

[InfoSec News <alerts () infosecnews org>]

http://www.chicagotribune.com/business/ct-biz-0210-peacock-20120210,0,4442472.story

By Wailin Wong
Chicago Tribune
February 10, 2012

Chicago jeweler C.D. Peacock has sued a suburban information-technology 
consulting firm, alleging that the company's negligence allowed hackers 
to access confidential customer financial data.

The lawsuit was filed Wednesday in Cook County Circuit Court. According 
to C.D. Peacock's complaint, it hired Oak Brook-based BridgePoint 
Technologies for IT-related services in August 2009. In March 2010, the 
company found that its virtual private network, designed to give remote 
users access to a centralized network, was failing to make connections.

C.D. Peacock said although evaluating the problem fell outside the scope 
of its agreement with the IT firm, a BridgePoint consultant inspected 
the network and said the VPN could not be fixed. The consultant told the 
jeweler to go around the VPN connection, a move that he assured the 
company would be safe, according to the lawsuit.

"Circumventing the VPN led almost immediately to a serious security 
breach," C.D. Peacock said in its filing.

[...]


______________________________________________________________________________
Certified Ethical Hacker and CISSP training with Expanding Security gives
the best training and support.
Get a free live class invite weekly.  Best program, best price.
www.ExpandingSecurity.com/PainPill